PayPal Bug Bounty

If you are a bug bounty hunter seeking financial rewards for uncovering severe security vulnerabilities, then the PayPal Bug Bounty Program may be worth checking out. This program rewards eligible and ethical researchers with up to $20,000 when they successfully report qualifying security bugs discovered on PayPal’s platform.

Program Overview









Minimum Reward


Maximum Reward


Average Payout


Total Payouts

$8.8 million


The following PayPal brands are in scope:

  • PayPal
  • Venmo
  • Xoom
  • Braintree Payments
  • Swift Financial/ Loanbuilder
  • Hyperwallet

For more information on in-scope vulnerabilities, please visit HackerOne.

Frequently Asked Questions

Does PayPal have a bug bounty?

Yes, PayPal has a bug bounty program. Launched in 2018, the PayPal bug bounty program is one of the most popular programs for ethical hackers and bug bounty hunters. For more information on PayPal’s bug bounty, please visit HackerOne.

How much does PayPal pay for bug bounty?

The average payout for a resolved report on the PayPal bug bounty program is $2,500. Factors such as the severity of the vulnerability and its impact on user data can also influence the payout amount. Researchers can earn up to $20,000 for their findings on critical issues.